Browse Source

->permission() sanitizing: don't pass flags to ->permission()

not used by the instances anymore.

Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
master
Al Viro 10 years ago
parent
commit
10556cb21a
  1. 4
      Documentation/filesystems/vfs.txt
  2. 2
      fs/afs/internal.h
  3. 4
      fs/afs/security.c
  4. 2
      fs/bad_inode.c
  5. 2
      fs/btrfs/inode.c
  6. 4
      fs/ceph/inode.c
  7. 2
      fs/ceph/super.h
  8. 2
      fs/cifs/cifsfs.c
  9. 2
      fs/coda/coda_linux.h
  10. 4
      fs/coda/dir.c
  11. 4
      fs/coda/pioctl.c
  12. 4
      fs/ecryptfs/inode.c
  13. 14
      fs/fuse/dir.c
  14. 2
      fs/gfs2/file.c
  15. 16
      fs/gfs2/inode.c
  16. 2
      fs/gfs2/inode.h
  17. 4
      fs/hostfs/hostfs_kern.c
  18. 4
      fs/namei.c
  19. 4
      fs/nfs/dir.c
  20. 2
      fs/nilfs2/inode.c
  21. 2
      fs/nilfs2/nilfs.h
  22. 4
      fs/ocfs2/file.c
  23. 2
      fs/ocfs2/file.h
  24. 2
      fs/proc/base.c
  25. 2
      fs/proc/proc_sysctl.c
  26. 2
      fs/reiserfs/xattr.c
  27. 4
      fs/sysfs/inode.c
  28. 2
      fs/sysfs/sysfs.h
  29. 2
      include/linux/fs.h
  30. 2
      include/linux/nfs_fs.h
  31. 2
      include/linux/reiserfs_xattr.h

4
Documentation/filesystems/vfs.txt

@ -333,7 +333,7 @@ struct inode_operations {
void * (*follow_link) (struct dentry *, struct nameidata *);
void (*put_link) (struct dentry *, struct nameidata *, void *);
void (*truncate) (struct inode *);
int (*permission) (struct inode *, int, unsigned int);
int (*permission) (struct inode *, int);
int (*check_acl)(struct inode *, int);
int (*setattr) (struct dentry *, struct iattr *);
int (*getattr) (struct vfsmount *mnt, struct dentry *, struct kstat *);
@ -423,7 +423,7 @@ otherwise noted.
permission: called by the VFS to check for access rights on a POSIX-like
filesystem.
May be called in rcu-walk mode (flags & IPERM_FLAG_RCU). If in rcu-walk
May be called in rcu-walk mode (mask & MAY_NOT_BLOCK). If in rcu-walk
mode, the filesystem must check the permission without blocking or
storing to the inode.

2
fs/afs/internal.h

@ -627,7 +627,7 @@ extern void afs_clear_permits(struct afs_vnode *);
extern void afs_cache_permit(struct afs_vnode *, struct key *, long);
extern void afs_zap_permits(struct rcu_head *);
extern struct key *afs_request_key(struct afs_cell *);
extern int afs_permission(struct inode *, int, unsigned int);
extern int afs_permission(struct inode *, int);
/*
* server.c

4
fs/afs/security.c

@ -285,14 +285,14 @@ static int afs_check_permit(struct afs_vnode *vnode, struct key *key,
* - AFS ACLs are attached to directories only, and a file is controlled by its
* parent directory's ACL
*/
int afs_permission(struct inode *inode, int mask, unsigned int flags)
int afs_permission(struct inode *inode, int mask)
{
struct afs_vnode *vnode = AFS_FS_I(inode);
afs_access_t uninitialized_var(access);
struct key *key;
int ret;
if (flags & IPERM_FLAG_RCU)
if (mask & MAY_NOT_BLOCK)
return -ECHILD;
_enter("{{%x:%u},%lx},%x,",

2
fs/bad_inode.c

@ -229,7 +229,7 @@ static int bad_inode_readlink(struct dentry *dentry, char __user *buffer,
return -EIO;
}
static int bad_inode_permission(struct inode *inode, int mask, unsigned int flags)
static int bad_inode_permission(struct inode *inode, int mask)
{
return -EIO;
}

2
fs/btrfs/inode.c

@ -7331,7 +7331,7 @@ static int btrfs_set_page_dirty(struct page *page)
return __set_page_dirty_nobuffers(page);
}
static int btrfs_permission(struct inode *inode, int mask, unsigned int flags)
static int btrfs_permission(struct inode *inode, int mask)
{
struct btrfs_root *root = BTRFS_I(inode)->root;

4
fs/ceph/inode.c

@ -1795,11 +1795,11 @@ int ceph_do_getattr(struct inode *inode, int mask)
* Check inode permissions. We verify we have a valid value for
* the AUTH cap, then call the generic handler.
*/
int ceph_permission(struct inode *inode, int mask, unsigned int flags)
int ceph_permission(struct inode *inode, int mask)
{
int err;
if (flags & IPERM_FLAG_RCU)
if (mask & MAY_NOT_BLOCK)
return -ECHILD;
err = ceph_do_getattr(inode, CEPH_CAP_AUTH_SHARED);

2
fs/ceph/super.h

@ -692,7 +692,7 @@ extern void ceph_queue_invalidate(struct inode *inode);
extern void ceph_queue_writeback(struct inode *inode);
extern int ceph_do_getattr(struct inode *inode, int mask);
extern int ceph_permission(struct inode *inode, int mask, unsigned int flags);
extern int ceph_permission(struct inode *inode, int mask);
extern int ceph_setattr(struct dentry *dentry, struct iattr *attr);
extern int ceph_getattr(struct vfsmount *mnt, struct dentry *dentry,
struct kstat *stat);

2
fs/cifs/cifsfs.c

@ -224,7 +224,7 @@ cifs_statfs(struct dentry *dentry, struct kstatfs *buf)
return 0;
}
static int cifs_permission(struct inode *inode, int mask, unsigned int flags)
static int cifs_permission(struct inode *inode, int mask)
{
struct cifs_sb_info *cifs_sb;

2
fs/coda/coda_linux.h

@ -39,7 +39,7 @@ extern const struct file_operations coda_ioctl_operations;
/* operations shared over more than one file */
int coda_open(struct inode *i, struct file *f);
int coda_release(struct inode *i, struct file *f);
int coda_permission(struct inode *inode, int mask, unsigned int flags);
int coda_permission(struct inode *inode, int mask);
int coda_revalidate_inode(struct dentry *);
int coda_getattr(struct vfsmount *, struct dentry *, struct kstat *);
int coda_setattr(struct dentry *, struct iattr *);

4
fs/coda/dir.c

@ -132,11 +132,11 @@ exit:
}
int coda_permission(struct inode *inode, int mask, unsigned int flags)
int coda_permission(struct inode *inode, int mask)
{
int error;
if (flags & IPERM_FLAG_RCU)
if (mask & MAY_NOT_BLOCK)
return -ECHILD;
mask &= MAY_READ | MAY_WRITE | MAY_EXEC;

4
fs/coda/pioctl.c

@ -24,7 +24,7 @@
#include "coda_linux.h"
/* pioctl ops */
static int coda_ioctl_permission(struct inode *inode, int mask, unsigned int flags);
static int coda_ioctl_permission(struct inode *inode, int mask);
static long coda_pioctl(struct file *filp, unsigned int cmd,
unsigned long user_data);
@ -41,7 +41,7 @@ const struct file_operations coda_ioctl_operations = {
};
/* the coda pioctl inode ops */
static int coda_ioctl_permission(struct inode *inode, int mask, unsigned int flags)
static int coda_ioctl_permission(struct inode *inode, int mask)
{
return (mask & MAY_EXEC) ? -EACCES : 0;
}

4
fs/ecryptfs/inode.c

@ -942,9 +942,9 @@ int ecryptfs_truncate(struct dentry *dentry, loff_t new_length)
}
static int
ecryptfs_permission(struct inode *inode, int mask, unsigned int flags)
ecryptfs_permission(struct inode *inode, int mask)
{
if (flags & IPERM_FLAG_RCU)
if (mask & MAY_NOT_BLOCK)
return -ECHILD;
return inode_permission(ecryptfs_inode_to_lower(inode), mask);
}

14
fs/fuse/dir.c

@ -971,9 +971,9 @@ static int fuse_access(struct inode *inode, int mask)
return err;
}
static int fuse_perm_getattr(struct inode *inode, int flags)
static int fuse_perm_getattr(struct inode *inode, int mask)
{
if (flags & IPERM_FLAG_RCU)
if (mask & MAY_NOT_BLOCK)
return -ECHILD;
return fuse_do_getattr(inode, NULL, NULL);
@ -992,7 +992,7 @@ static int fuse_perm_getattr(struct inode *inode, int flags)
* access request is sent. Execute permission is still checked
* locally based on file mode.
*/
static int fuse_permission(struct inode *inode, int mask, unsigned int flags)
static int fuse_permission(struct inode *inode, int mask)
{
struct fuse_conn *fc = get_fuse_conn(inode);
bool refreshed = false;
@ -1011,7 +1011,7 @@ static int fuse_permission(struct inode *inode, int mask, unsigned int flags)
if (fi->i_time < get_jiffies_64()) {
refreshed = true;
err = fuse_perm_getattr(inode, flags);
err = fuse_perm_getattr(inode, mask);
if (err)
return err;
}
@ -1024,7 +1024,7 @@ static int fuse_permission(struct inode *inode, int mask, unsigned int flags)
attributes. This is also needed, because the root
node will at first have no permissions */
if (err == -EACCES && !refreshed) {
err = fuse_perm_getattr(inode, flags);
err = fuse_perm_getattr(inode, mask);
if (!err)
err = generic_permission(inode, mask);
}
@ -1034,7 +1034,7 @@ static int fuse_permission(struct inode *inode, int mask, unsigned int flags)
noticed immediately, only after the attribute
timeout has expired */
} else if (mask & (MAY_ACCESS | MAY_CHDIR)) {
if (flags & IPERM_FLAG_RCU)
if (mask & MAY_NOT_BLOCK)
return -ECHILD;
err = fuse_access(inode, mask);
@ -1043,7 +1043,7 @@ static int fuse_permission(struct inode *inode, int mask, unsigned int flags)
if (refreshed)
return -EACCES;
err = fuse_perm_getattr(inode, flags);
err = fuse_perm_getattr(inode, mask);
if (!err && !(inode->i_mode & S_IXUGO))
return -EACCES;
}

2
fs/gfs2/file.c

@ -243,7 +243,7 @@ static int do_gfs2_set_flags(struct file *filp, u32 reqflags, u32 mask)
!capable(CAP_LINUX_IMMUTABLE))
goto out;
if (!IS_IMMUTABLE(inode)) {
error = gfs2_permission(inode, MAY_WRITE, 0);
error = gfs2_permission(inode, MAY_WRITE);
if (error)
goto out;
}

16
fs/gfs2/inode.c

@ -307,7 +307,7 @@ struct inode *gfs2_lookupi(struct inode *dir, const struct qstr *name,
}
if (!is_root) {
error = gfs2_permission(dir, MAY_EXEC, 0);
error = gfs2_permission(dir, MAY_EXEC);
if (error)
goto out;
}
@ -337,7 +337,7 @@ static int create_ok(struct gfs2_inode *dip, const struct qstr *name,
{
int error;
error = gfs2_permission(&dip->i_inode, MAY_WRITE | MAY_EXEC, 0);
error = gfs2_permission(&dip->i_inode, MAY_WRITE | MAY_EXEC);
if (error)
return error;
@ -857,7 +857,7 @@ static int gfs2_link(struct dentry *old_dentry, struct inode *dir,
if (inode->i_nlink == 0)
goto out_gunlock;
error = gfs2_permission(dir, MAY_WRITE | MAY_EXEC, 0);
error = gfs2_permission(dir, MAY_WRITE | MAY_EXEC);
if (error)
goto out_gunlock;
@ -990,7 +990,7 @@ static int gfs2_unlink_ok(struct gfs2_inode *dip, const struct qstr *name,
if (IS_APPEND(&dip->i_inode))
return -EPERM;
error = gfs2_permission(&dip->i_inode, MAY_WRITE | MAY_EXEC, 0);
error = gfs2_permission(&dip->i_inode, MAY_WRITE | MAY_EXEC);
if (error)
return error;
@ -1336,7 +1336,7 @@ static int gfs2_rename(struct inode *odir, struct dentry *odentry,
}
}
} else {
error = gfs2_permission(ndir, MAY_WRITE | MAY_EXEC, 0);
error = gfs2_permission(ndir, MAY_WRITE | MAY_EXEC);
if (error)
goto out_gunlock;
@ -1371,7 +1371,7 @@ static int gfs2_rename(struct inode *odir, struct dentry *odentry,
/* Check out the dir to be renamed */
if (dir_rename) {
error = gfs2_permission(odentry->d_inode, MAY_WRITE, 0);
error = gfs2_permission(odentry->d_inode, MAY_WRITE);
if (error)
goto out_gunlock;
}
@ -1543,7 +1543,7 @@ static void gfs2_put_link(struct dentry *dentry, struct nameidata *nd, void *p)
* Returns: errno
*/
int gfs2_permission(struct inode *inode, int mask, unsigned int flags)
int gfs2_permission(struct inode *inode, int mask)
{
struct gfs2_inode *ip;
struct gfs2_holder i_gh;
@ -1553,7 +1553,7 @@ int gfs2_permission(struct inode *inode, int mask, unsigned int flags)
ip = GFS2_I(inode);
if (gfs2_glock_is_locked_by_me(ip->i_gl) == NULL) {
if (flags & IPERM_FLAG_RCU)
if (mask & MAY_NOT_BLOCK)
return -ECHILD;
error = gfs2_glock_nq_init(ip->i_gl, LM_ST_SHARED, LM_FLAG_ANY, &i_gh);
if (error)

2
fs/gfs2/inode.h

@ -108,7 +108,7 @@ extern int gfs2_inode_refresh(struct gfs2_inode *ip);
extern struct inode *gfs2_lookupi(struct inode *dir, const struct qstr *name,
int is_root);
extern int gfs2_permission(struct inode *inode, int mask, unsigned int flags);
extern int gfs2_permission(struct inode *inode, int mask);
extern int gfs2_setattr_simple(struct gfs2_inode *ip, struct iattr *attr);
extern struct inode *gfs2_lookup_simple(struct inode *dip, const char *name);
extern void gfs2_dinode_out(const struct gfs2_inode *ip, void *buf);

4
fs/hostfs/hostfs_kern.c

@ -748,12 +748,12 @@ int hostfs_rename(struct inode *from_ino, struct dentry *from,
return err;
}
int hostfs_permission(struct inode *ino, int desired, unsigned int flags)
int hostfs_permission(struct inode *ino, int desired)
{
char *name;
int r = 0, w = 0, x = 0, err;
if (flags & IPERM_FLAG_RCU)
if (desired & MAY_NOT_BLOCK)
return -ECHILD;
if (desired & MAY_READ) r = 1;

4
fs/namei.c

@ -287,7 +287,7 @@ int inode_permission(struct inode *inode, int mask)
}
if (inode->i_op->permission)
retval = inode->i_op->permission(inode, mask, 0);
retval = inode->i_op->permission(inode, mask);
else
retval = generic_permission(inode, mask);
@ -323,7 +323,7 @@ static inline int exec_permission(struct inode *inode, unsigned int flags)
mask |= MAY_NOT_BLOCK;
if (inode->i_op->permission) {
ret = inode->i_op->permission(inode, mask, flags);
ret = inode->i_op->permission(inode, mask);
if (likely(!ret))
goto ok;
} else {

4
fs/nfs/dir.c

@ -2273,12 +2273,12 @@ int nfs_may_open(struct inode *inode, struct rpc_cred *cred, int openflags)
return nfs_do_access(inode, cred, nfs_open_permission_mask(openflags));
}
int nfs_permission(struct inode *inode, int mask, unsigned int flags)
int nfs_permission(struct inode *inode, int mask)
{
struct rpc_cred *cred;
int res = 0;
if (flags & IPERM_FLAG_RCU)
if (mask & MAY_NOT_BLOCK)
return -ECHILD;
nfs_inc_stats(inode, NFSIOS_VFSACCESS);

2
fs/nilfs2/inode.c

@ -799,7 +799,7 @@ out_err:
return err;
}
int nilfs_permission(struct inode *inode, int mask, unsigned int flags)
int nilfs_permission(struct inode *inode, int mask)
{
struct nilfs_root *root = NILFS_I(inode)->i_root;
if ((mask & MAY_WRITE) && root &&

2
fs/nilfs2/nilfs.h

@ -264,7 +264,7 @@ extern void nilfs_update_inode(struct inode *, struct buffer_head *);
extern void nilfs_truncate(struct inode *);
extern void nilfs_evict_inode(struct inode *);
extern int nilfs_setattr(struct dentry *, struct iattr *);
int nilfs_permission(struct inode *inode, int mask, unsigned int flags);
int nilfs_permission(struct inode *inode, int mask);
int nilfs_load_inode_block(struct inode *inode, struct buffer_head **pbh);
extern int nilfs_inode_dirty(struct inode *);
int nilfs_set_file_dirty(struct inode *inode, unsigned nr_dirty);

4
fs/ocfs2/file.c

@ -1279,11 +1279,11 @@ bail:
return err;
}
int ocfs2_permission(struct inode *inode, int mask, unsigned int flags)
int ocfs2_permission(struct inode *inode, int mask)
{
int ret;
if (flags & IPERM_FLAG_RCU)
if (mask & MAY_NOT_BLOCK)
return -ECHILD;
ret = ocfs2_inode_lock(inode, NULL, 0);

2
fs/ocfs2/file.h

@ -61,7 +61,7 @@ int ocfs2_zero_extend(struct inode *inode, struct buffer_head *di_bh,
int ocfs2_setattr(struct dentry *dentry, struct iattr *attr);
int ocfs2_getattr(struct vfsmount *mnt, struct dentry *dentry,
struct kstat *stat);
int ocfs2_permission(struct inode *inode, int mask, unsigned int flags);
int ocfs2_permission(struct inode *inode, int mask);
int ocfs2_should_update_atime(struct inode *inode,
struct vfsmount *vfsmnt);

2
fs/proc/base.c

@ -2167,7 +2167,7 @@ static const struct file_operations proc_fd_operations = {
* /proc/pid/fd needs a special permission handler so that a process can still
* access /proc/self/fd after it has executed a setuid().
*/
static int proc_fd_permission(struct inode *inode, int mask, unsigned int flags)
static int proc_fd_permission(struct inode *inode, int mask)
{
int rv = generic_permission(inode, mask);
if (rv == 0)

2
fs/proc/proc_sysctl.c

@ -294,7 +294,7 @@ out:
return ret;
}
static int proc_sys_permission(struct inode *inode, int mask,unsigned int flags)
static int proc_sys_permission(struct inode *inode, int mask)
{
/*
* sysctl entries that are not writeable,

2
fs/reiserfs/xattr.c

@ -958,7 +958,7 @@ static int xattr_mount_check(struct super_block *s)
return 0;
}
int reiserfs_permission(struct inode *inode, int mask, unsigned int flags)
int reiserfs_permission(struct inode *inode, int mask)
{
/*
* We don't do permission checks on the internal objects.

4
fs/sysfs/inode.c

@ -349,11 +349,11 @@ int sysfs_hash_and_remove(struct sysfs_dirent *dir_sd, const void *ns, const cha
return -ENOENT;
}
int sysfs_permission(struct inode *inode, int mask, unsigned int flags)
int sysfs_permission(struct inode *inode, int mask)
{
struct sysfs_dirent *sd;
if (flags & IPERM_FLAG_RCU)
if (mask & MAY_NOT_BLOCK)
return -ECHILD;
sd = inode->i_private;

2
fs/sysfs/sysfs.h

@ -201,7 +201,7 @@ static inline void __sysfs_put(struct sysfs_dirent *sd)
struct inode *sysfs_get_inode(struct super_block *sb, struct sysfs_dirent *sd);
void sysfs_evict_inode(struct inode *inode);
int sysfs_sd_setattr(struct sysfs_dirent *sd, struct iattr *iattr);
int sysfs_permission(struct inode *inode, int mask, unsigned int flags);
int sysfs_permission(struct inode *inode, int mask);
int sysfs_setattr(struct dentry *dentry, struct iattr *iattr);
int sysfs_getattr(struct vfsmount *mnt, struct dentry *dentry, struct kstat *stat);
int sysfs_setxattr(struct dentry *dentry, const char *name, const void *value,

2
include/linux/fs.h

@ -1578,7 +1578,7 @@ struct file_operations {
struct inode_operations {
struct dentry * (*lookup) (struct inode *,struct dentry *, struct nameidata *);
void * (*follow_link) (struct dentry *, struct nameidata *);
int (*permission) (struct inode *, int, unsigned int);
int (*permission) (struct inode *, int);
int (*check_acl)(struct inode *, int);
int (*readlink) (struct dentry *, char __user *,int);

2
include/linux/nfs_fs.h

@ -360,7 +360,7 @@ extern int nfs_refresh_inode(struct inode *, struct nfs_fattr *);
extern int nfs_post_op_update_inode(struct inode *inode, struct nfs_fattr *fattr);
extern int nfs_post_op_update_inode_force_wcc(struct inode *inode, struct nfs_fattr *fattr);
extern int nfs_getattr(struct vfsmount *, struct dentry *, struct kstat *);
extern int nfs_permission(struct inode *, int, unsigned int);
extern int nfs_permission(struct inode *, int);
extern int nfs_open(struct inode *, struct file *);
extern int nfs_release(struct inode *, struct file *);
extern int nfs_attribute_timeout(struct inode *inode);

2
include/linux/reiserfs_xattr.h

@ -41,7 +41,7 @@ int reiserfs_xattr_init(struct super_block *sb, int mount_flags);
int reiserfs_lookup_privroot(struct super_block *sb);
int reiserfs_delete_xattrs(struct inode *inode);
int reiserfs_chown_xattrs(struct inode *inode, struct iattr *attrs);
int reiserfs_permission(struct inode *inode, int mask, unsigned int flags);
int reiserfs_permission(struct inode *inode, int mask);
#ifdef CONFIG_REISERFS_FS_XATTR
#define has_xattr_dir(inode) (REISERFS_I(inode)->i_flags & i_has_xattr_dir)

Loading…
Cancel
Save